Question

I want to copy SSH keys for users automatically; some users do not have keys.

What I have now is:

ssh_auth:
  - present
  - user: {{ usr }}
  - source: salt://users/keys/{{usr}}.id_rsa.pub

When a key for a user does not exist on salt:// fileserver, I get an error. Is there some function to check for existence of a file in salt:// fileserver?


Solution

If you feel you MUST learn how to do this with just states, you can use the fallback mechanism by specifying a list of sources:

From the docs:

ssh_auth:
  - present
  - user: {{ usr }}
  - source:
    - salt://users/keys/{{usr}}.id_rsa.pub
    - salt://users/keys/null.id_rsa.pub

Where cat /dev/null > /srv/salt/users/keys/null.id_rsa.pub

Professionally, user keys should be stored in pillars. This presents the additional functionality that pillars are stored and retrieved from the master at execution time - which means you can test for the existence of the file per your original request. I do something just like that for openvpn certificates:

http://garthwaite.org/virtually-secure-with-openvpn-pillars-and-salt.html

OTHER TIPS

I don't know of a Jinja or Salt function which can check the master's file server for a specific file. I would recommend you put those keys as a key in the pillar file which contains your users and use Jinja to detect the existence of that key and create the key when necessary. For example:

The pillars file:

# Name of file : user_pillar.sls
users:
  root:
    ssh_key: some_key_value
    home: /root
    createhome: True

The state file:

# Name of file : users_salt_state_file.sls
{% for user, args in salt['pillar.get']('users', {}).items() %}
# Ensure user is present
{{ user }}_user:
  user.present:
    - name: {{ user }}

# Home Creation
{% if args and 'home' in args %}
    - home: {{ args['home'] }}
{% endif %}
{% if args and 'createhome' in args %}
    - createhome: {{ args['createhome'] }}
{% endif %}

# SSH_auth: only rendered when the pillar entry carries an ssh_key
{% if args and 'ssh_key' in args %}
{{ user }}_ssh_key:
  ssh_auth.present:
    - name: {{ args['ssh_key'] }}
    - user: {{ user }}
{% endif %}
{% endfor %}
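
Added example, not part of either answer above: a state that checks the master's fileserver listing before referencing a key file, so users without a published key are skipped instead of failing the run. It relies on the `cp.list_master` execution function and the `test.show_notification` state; the pillar list `ssh_users`, the file name and the state IDs are assumptions made for illustration.

```yaml
# users/ssh_keys.sls  (hypothetical file name)
# Assumed pillar data:
#   ssh_users:
#     - alice
#     - bob
{% set key_dir = 'users/keys' %}

{# cp.list_master is evaluated at render time and asks the master which
   files it serves under salt://users/keys; paths come back relative to salt:// #}
{% set available = salt['cp.list_master'](prefix=key_dir) %}

{% for usr in salt['pillar.get']('ssh_users', []) %}
{% set key_path = key_dir ~ '/' ~ usr ~ '.id_rsa.pub' %}

{% if key_path in available %}
# A key is published for this user: install it into authorized_keys.
{{ usr }}_authorized_key:
  ssh_auth.present:
    - user: {{ usr }}
    - source: salt://{{ key_path }}
{% else %}
# No key on the master: report it in the state output and leave
# the user's authorized_keys untouched.
{{ usr }}_no_key_on_master:
  test.show_notification:
    - text: "No public key published for {{ usr }}; authorized_keys left unchanged."
{% endif %}

{% endfor %}
```

Unlike the empty `null.id_rsa.pub` fallback, a missing key shows up as an explicit line in the highstate output, which makes accounts without managed keys easy to audit.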
Licensed under: CC-BY-SA with attribution